New Release: Tor Browser 10.0a7
Tor Browser 10.0a7 is now available from the Tor Browser Alpha download page and also from our distribution directory.
Note: This is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.
We are happy to announce the third alpha for desktop users based on Firefox 78 ESR. The Android version is under active development and will be available in the coming weeks.
Tor Browser 10.0a7 updates NoScript to 11.0.43. The Windows installer now uses NSIS 3.06.1. Please report bugs with steps to reproduce, either here or on Gitlab, or essentially with any other means that would reach us. We are in particular interested in potential proxy bypasses which our proxy audit missed.
Note: We encountered updater issues for all alpha users that have been auto-updating the alpha series for months. We changed the accepted MAR channel ID to torbrowser-torproject-alpha as we are on an alpha channel. The assumption was that enough time passed since we changed it last time to torbrowser-torproject-release,torbrowser-torproject-alpha but it turns out that change did not get applied. Workaround: change the torbrowser-torproject-release in your update-settings.ini (in the Browser's code directory, which depends on you operating system) file to torbrowser-torproject-alpha and the update should get applied successfully. Alternatively, downloading a fresh alpha copy of Tor Browser works as well. Sorry for the inconvenience.
The full changelog since Tor Browser 10.0a6 is:
- Windows + OS X + Linux
- Update Tor Launcher to 0.2.24
- Translations update
- Update NoScript to 11.0.43
- Bug 10394: Let Tor Browser update HTTPS Everywhere
- Bug 32017: Use ExtensionStorageIDB again
- Bug 40006: Fix new identity for 81
- Bug 40007: Move SecurityPrefs initialization to the StartupObserver component
- Bug 40008: Style fixes for 78
- Bug 40066: Remove default bridge 37.218.240.34
- Bug 40073: Repack omni.ja to include builtin HTTPS Everywhere
- Bug 40091: Load HTTPS Everywhere as a builtin addon
- Bug 40102: Fix UI bugs in Tor Browser 10.0 alpha
- Bug 40109: Playing video breaks after reloading pages
- Bug 40119: Enable v3 extension blocklisting again
- Build System
- Windows + OS X + Linux
- Bump Go to 1.14.7
- Bug 40031: Add licenses for kcp-go and smux.
- Bug 40045: Fix complete .mar file creation for dmg2mar
- Bug 40065: Bump debootstrap-image ubuntu_version to 20.04.1
- Bug 40087: Deterministically add HTTPS Everywhere into omni.ja
- Windows
- Bug 40052: Bump NSIS to 3.06.1
- Bug 40071: Be explicit about no SEH with mingw-w64 on 32bit systems
- Bug 40077: Don't pass --no-insert-timestamp when building Firefox
- Bug 40090: NSIS 3.06.1 based builds are not reproducible anymore
- Windows + OS X + Linux
Comments
Please note that the comment area below has been archived.
I used TBB with a builtin…
I used TBB with a builtin obfs4 bridge. Then I unchecked 'use a bridge' in about:preferences#tor and exited. After the restart I found that TBB was still using obfs4 bridge, but in about:preferences#tor I saw a list of 14 custom bridges. What's going on?
Update Tor Launcher to 0.2…
Update Tor Launcher to 0.2.24
Where in Tor Browser can I see its version?
It is not easily found…
It is not easily found because the project is integrated into the browser. You can see it in the build system (on line 2):
https://gitweb.torproject.org/builders/tor-browser-build.git/tree/proje…
Why is it not visible in…
Why is it not visible in about:support?
It is not an extension now…
It is not an extension now. It is part of the browser.
06:55:44.102 Uncaught Error:…
06:55:44.102 Uncaught Error:
writeSettings resource:///modules/TorProtocolService.jsm:122
writeSettings chrome://browser/content/torpreferences/torBridgeSettings.jsm:292
onUpdateBridgeSettings chrome://browser/content/torpreferences/torPane.js:671
_populateXUL chrome://browser/content/torpreferences/torPane.js:224
TorProtocolService.jsm:122:15
writeSettings resource:///modules/TorProtocolService.jsm:122
writeSettings chrome://browser/content/torpreferences/torBridgeSettings.jsm:292
onUpdateBridgeSettings chrome://browser/content/torpreferences/torPane.js:671
_populateXUL chrome://browser/content/torpreferences/torPane.js:224
Tor Circuit Display doesn't…
Tor Circuit Display doesn't work after restarting tor.
SEH regression on Windows…
SEH regression on Windows for x86 bundles based on ESR 78
Go-based exes lack
LDFLAGS="
c('var/flag_noSEH')
c("var/flag_mwindows")
"07:35:55.059 Media resource…
07:35:55.059 Media resource blob:https://www.youtube.com/%GUID% could not be decoded, error: Error Code: NS_ERROR_DOM_MEDIA_FATAL_ERR (0x806e0005)
Details: mozilla::MediaResult mozilla::RemoteAudioDecoderChild::InitIPDL(const mozilla::AudioInfo &, const CreateDecoderParams::OptionSet &): RemoteDecoderManager is not available.
Tor doesn't try to restart…
Tor doesn't try to restart died PT, just logs:
Tor WARN: The connection to the SOCKS5 proxy server at 127.0.0.1:52038 just failed. Make sure that the proxy server is up and running.
Tor Browser fails silently.
It would be desirable if …
It would be desirable if "state" (cookies, localStorage, cache, etc.) for a given first-party would be automatically purged when all tabs belonging to that first-party are closed.
To demonstrate why, consider the following scenario:
User visits a small forum/blog dedicated to a sensitive subject. While here, they are linked to content on a large centralized platform (e.g. Twitter, Youtube, Reddit).
Some time later in the same browsing session, he visits one of these large centralized services (e.g. Twitter, Youtube, Reddit), this time to check local weather or news.
If he is not disciplined and regularly restarting his browser and/or using the clear identity function, the centralized service (e.g. Twitter, Youtube, Reddit) can link together these activities through browser state (cookies, localStorage, cache, etc.) and narrow in on his identity.
Yes, unfortunately it is…
Yes, unfortunately it is very difficult. Implementing "New Identity" is already difficult.
12:43:35.940 Error:…
12:43:35.940 Error: Connection closed, pending request to server1.conn0.longstractor38518, type release failed
Request stack:
request@resource://devtools/shared/protocol/Front.js:256:14
generateRequestMethods/releaseActorsEnhancer@resource://devtools/client/webconsole/enhancers/actor-releaser.js:36:40
batchingReducer@resource://devtools/client/webconsole/enhancers/batching.js:21:18
netProviderEnhancer@resource://devtools/client/webconsole/enhancers/net-provider.js:42:31
messagesCacheClearingEnhancer@resource://devtools/client/webconsole/enhancers/message-cache-clearing.js:17:15
ensureErrorReportingEnhancer@resource://devtools/client/webconsole/enhancers/css-error-reporting.js:25:15
dispatch@resource://devtools/client/shared/vendor/redux.js:256:22
eventTelemetryMiddleware/onClick@resource://devtools/client/webconsole/components/FilterBar/FilterBar.js:211:33
invokeGuardedCallbackImpl@resource://devtools/client/shared/vendor/react-dom.js:74:10
invokeGuardedCallback@resource://devtools/client/shared/vendor/react-dom.js:111:29
invokeGuardedCallbackAndCatchFirstError@resource://devtools/client/shared/vendor/react-dom.js:125:25
executeDispatch@resource://devtools/client/shared/vendor/react-dom.js:346:42
executeDispatchesInOrder@resource://devtools/client/shared/vendor/react-dom.js:362:22
executeDispatchesAndRelease@resource://devtools/client/shared/vendor/react-dom.js:462:29
executeDispatchesAndReleaseTopLevel@resource://devtools/client/shared/vendor/react-dom.js:470:10
forEachAccumulated@resource://devtools/client/shared/vendor/react-dom.js:444:8
runEventsInBatch@resource://devtools/client/shared/vendor/react-dom.js:598:21
runExtractedEventsInBatch@resource://devtools/client/shared/vendor/react-dom.js:606:19
handleTopLevel@resource://devtools/client/shared/vendor/react-dom.js:4272:30
batchedUpdates$1@resource://devtools/client/shared/vendor/react-dom.js:15752:12
batchedUpdates@resource://devtools/client/shared/vendor/react-dom.js:1882:12
dispatchEvent@resource://devtools/client/shared/vendor/react-dom.js:4351:19
interactiveUpdates$1/<@resource://devtools/client/shared/vendor/react-dom.js:15803:14
unstable_runWithPriority@resource://devtools/client/shared/vendor/react.js:617:12
interactiveUpdates$1@resource://devtools/client/shared/vendor/react-dom.js:15802:12
interactiveUpdates@resource://devtools/client/shared/vendor/react-dom.js:1901:10
dispatchInteractiveEvent@resource://devtools/client/shared/vendor/react-dom.js:4328:21
Front.js:77:23
In french "about" menu there…
In french "about" menu there's a mispelling
Dans le menu "aide/à propos de", il y a une faute d'orthographe dans la description de Tor:
... vos données personnels ...
=> ... vos données personnelles ...
Thanks! Please help us:…
Thanks! Please help us: https://community.torproject.org/localization/becoming-tor-translator/
https://gitlab.torproject…
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/320…
extensions.webextensions.ExtensionStorageIDB.enabled = true
This causes an inseparable mix from WebExtensions and Storage in one
Directory.
Its hard to see this 'data' and work with, clear this storage manually if wanted.
It looks like a messy blob in FF68esr. In FF78est too?
Yes
Yes